Two Korean watchdogs have announced a joint probe into crypto exchange operators’ handling of personal data, local news outlet Chosun reports Monday, July 2. The agencies in question are the Korea Communications Commission (KCC) and the Korea Internet & Security Agency (KISA). The KCC and KISA will investigate potential infringements of data privacy rights by crypto exchange operators in conjunction with third party service providers – for example, smartphone apps designed for services such as real estate, shopping and travel.
The probe will reportedly check the status of technical and administrative protection measures related to users’ personal data – covering data access control measures, anti-tampering measures, personal data encryption, and malware protection. After reviewing the collection, use, provision and destruction of personal data by both crypto exchange operators and third parties, the authorities have said they will enforce administrative penalties should they discover violations of the country’s data protection laws.
Chosun reports further that the KCC will probe eight crypto money handling firms who have received corrective orders after violating Korea’s Personal Information Protection Act in 2017. Chosun cites a local source who says that recent hacks of domestic crypto exchanges have been a strong impetus for the new probe.
These include last month’s high-profile $17 million hack of major Korean exchange Bithumb, whose causes KISA has been investigating in partnership with other agencies. Notably, just prior to the incident, Bithumb had been given the all-clear following a three month long investigation into its operations by South Korean authorities.
Throughout spring, Korean exchanges have faced increasing scrutiny from regulators for their compliance with anti money laundering (AML) standards and other fraud prevention measures. Just this week, Korea’s Financial Services Commission (FSC) released a set of revised AML guidelines for virtual currencies.